Sometimes, Microsoft's patches really turn my stomach.
This week? It’s the “Windows Task Scheduler” security patch that’s identified as
If you slog through Microsoft's miles and miles of technical discussion, you
might come to the conclusion that poor ol’ Microsoft had fallen victim to yet
another bunch of wily black-hat virus writers. These miscreants do their worst
to lure you to their wicked Web sites in order to infect your poor, unsuspecting
PC with a bogus Windows Task Scheduler job. (The problem afflicts Windows XP,
Windows 2000, and Windows NT 4 if Internet Explorer 6 is installed.)
In the June 17
issue of Brian’s Buzz on Windows, we discussed the promise of Windows XP
Service Pack 2 (SP2) and why you need to evaluate this release before
Microsoft finalizes the product sometime later this summer.
After many agonizing months of development, Microsoft issued on
June 14 its Release Candidate 2 of the major new upgrade, Service Pack 2 (SP2)
for Windows XP. As a “release candidate,” the update is not yet a
supported package that can be installed en masse by Windows users.
(For one thing, it’s never recommended that you install the final software
over a release candidate, even if there’s an uninstall feature for the
beta version.) But it’s getting very close to the “gold” version of the
software that Microsoft will soon be urging all XP users to install.
The recent wave of “phishing” attacks was the primary
subject of Brian’s Buzz on Windows in both my
May 6 and
In a phishing exploit, you receive an official-looking e-mail that appears
to be from an online banking or financial site — perhaps one that you
have an account with. The e-mail says you must “re-confirm” your account details.
If you click the link in the e-mail, you’re sent to an official-looking
Web page that’s actually controlled by thieves. When you type in
your password or credit-card number, the hackers behind the site capture
the information and use it to steal from your account.
The top story of the
May 6 issue
of Brian’s Buzz on Windows revealed that hackers had found a way to hijack
the address bar of Internet Explorer, Netscape, and possibly other browsers.
This exploit makes it appear that you are visiting one site — such as
your online bank — whereas you are actually visiting a bogus site
that just happens to look exactly like your online bank.
Scam artists on the Internet have developed a way to make your browser’s
address bar say that you’re viewing a legitimate Web site — when you’re
actually visiting a malicious site instead. The new technique is known to
affect Microsoft’s Internet Explorer (IE) browser, but also affects the
Netscape browser and possibly others as well.
I’ve seen several comments from readers about versions of Microsoft’s
IntelliMouse software — its configuration utility for pointing devices
— trying to quietly establish an Internet connection. For example, Bill
Kennedy sent in the following description of his experiences:
Google.com is a search engine, not a Windows program. But Google
is running on so many desktops — and so many computer
professionals use Google to look up technical-support information —
that it almost seems at times like a built-in Windows applet.
Microsoft released its latest mass beta test on an unsuspecting populace
when it started downloading into end users’ computers on Mar. 9 its new
Service Pack 3 for Windows XP.
Microsoft has acknowledged that installing Service Pack 1 on
Windows XP can make USB ports so slow that they almost seem to have frozen.
This occurs because the “lazy write” cache gets confused about what
information has been written to disk, with the result that the same
bits are sent many times over.